Unable to start driver service (error #31).
113 views
Skip to first unread message
Jeff Tsao
Jan 7, 2014, 7:24:51 AM1/7/14
to hype...@googlegroups.com
Hello,
I download the file hyperdbg_20100325_auto_1280x1024.zip and I got below error message after I use hypergui to load hyperdbg.sys.
Unable to start driver service (error #31).
I also try used OSR Driver Loader to load hyperdbg.sys and got the same error message.
Today I use svn to download the newest version (r132) and then compile it.
But I got a different error message (Unable to start driver service (error #2).)
My system is pure Win XP SP3 32-bit with PS/2 keyboard and the Intel CPU has VT-x.
I already suffer on this for two days. Does anyone know how to solve this issue?
Thanks a lot.
I download the file hyperdbg_20100325_auto_1280x1024.zip and I got below error message after I use hypergui to load hyperdbg.sys.
Unable to start driver service (error #31).
I also try used OSR Driver Loader to load hyperdbg.sys and got the same error message.
Today I use svn to download the newest version (r132) and then compile it.
But I got a different error message (Unable to start driver service (error #2).)
My system is pure Win XP SP3 32-bit with PS/2 keyboard and the Intel CPU has VT-x.
I already suffer on this for two days. Does anyone know how to solve this issue?
Thanks a lot.
Aristide Fattori
Jan 7, 2014, 10:59:28 AM1/7/14
to hype...@googlegroups.com
Hi,
thanks for your interest in our project! Would you mind installing
dbgview (http://technet.microsoft.com/it-it/sysinternals/bb896647.aspx)
and running it *before* trying to install hyperdbg.sys? Be sure to
check the menu option to intercept kernel messages
(http://www.hristopavlov.net/OccultWatcher/Troubleshoot/dbgview.JPG
*capture kernel* must be checked). The dbg messages of hyperdbg loader
would help you understand what the problem is. Maybe you didn't
eliminate WIN7 related define in the Makefile, or ENABLE_EPT is
defined while the CPU does not support it. In any case, the debug
message should help you find the problem. If not, just post it here.
Thanks,
Aristide
> --
> You received this message because you are subscribed to the Google Groups
> "hyperdbg" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to hyperdbg+u...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
--
GnuPG Key on keyserver.pgp.com ID 0x25578128
http://security.di.unimi.it/~joystick/
thanks for your interest in our project! Would you mind installing
dbgview (http://technet.microsoft.com/it-it/sysinternals/bb896647.aspx)
and running it *before* trying to install hyperdbg.sys? Be sure to
check the menu option to intercept kernel messages
(http://www.hristopavlov.net/OccultWatcher/Troubleshoot/dbgview.JPG
*capture kernel* must be checked). The dbg messages of hyperdbg loader
would help you understand what the problem is. Maybe you didn't
eliminate WIN7 related define in the Makefile, or ENABLE_EPT is
defined while the CPU does not support it. In any case, the debug
message should help you find the problem. If not, just post it here.
Thanks,
Aristide
> You received this message because you are subscribed to the Google Groups
> "hyperdbg" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to hyperdbg+u...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
--
GnuPG Key on keyserver.pgp.com ID 0x25578128
http://security.di.unimi.it/~joystick/
Jeff Tsao
Jan 8, 2014, 1:05:19 AM1/8/14
to hype...@googlegroups.com
Hi joystick,
I got log from dbgview as below. Is my CPU not support VMX?
Thanks.
00000001 0.00000000 [vmm] Driver Routines [00000000]
00000002 0.00000316 [vmm] --------------- [00000000]
00000003 0.00000595 [vmm] Driver Entry [A82F7512]
00000004 0.00000846 [vmm] Driver Unload [A82F7444]
00000005 0.00001126 [vmm] StartVMX [A82F693C]
00000006 0.00001389 [vmm] VMMEntryPoint [A82F7AE8]
00000007 0.00044091 [vmm] VMXONRegion virtual address [F7B27000]
00000008 0.00047740 [vmm] VMXONRegion physical address [3D068000]
00000009 0.00089750 [vmm] VMCSRegion virtual address [F7B29000]
00000010 0.00093411 [vmm] VMCSRegion physical address [3D269000]
00000011 0.00094370 [vmm] VMMStack [8584B000]
00000012 0.00136736 [vmm] I/O bitmap A virtual address [F7B2B000]
00000013 0.00140404 [vmm] I/O bitmap A physical address [3D12A000]
00000014 0.00182361 [vmm] I/O bitmap A virtual address [F7B2D000]
00000015 0.00186011 [vmm] I/O bitmap A physical address [3D06B000]
00000016 0.00237752 [vmm] VMMIDT [F7B2F000]
00000017 0.00239522 [*] Starting PCI scan
00000018 0.00240027 [*] Found device! Vendor: 8086 device: 2970 header: 00
00000019 0.00244129 [*] Found device! Vendor: 8086 device: 2971 header: 01
00000020 0.00248150 [*] Found device! Vendor: 8086 device: 2972 header: 00
00000021 0.00251146 [D] Prefetchable PCI memory at c0000000
00000022 0.00251422 [*] Found PCI display region at physical address c0000000
00000023 0.25428405 [vmm] [HyperDbg] Initialized! [00000000]
00000024 0.25429147 [vmm] Guest Return EIP [A82F783B]
00000025 0.25429425 [vmm] Enabling VMX mode on CPU 0 [00000000]
00000026 0.25430173 [vmm] Running on Processor [00000000]
00000027 0.25430596 [vmm] GDT Base [8003F000]
00000028 0.25430894 [vmm] GDT Limit [000003FF]
00000029 0.25431180 [vmm] IDT Base [8003F400]
00000030 0.25431409 [vmm] IDT Limit [000007FF]
00000031 0.25431699 [vmm] VMX Support Not Present. [0000E39D]
00000032 0.25432000 [vmm] Running on Processor [00000000]
00000033 0.25432265 [vmm] ERROR : Launch aborted. [00000000]
00000034 0.25432563 [vmm] [HyperDbg] Unloading... [00000000]
Jeff Tsao於 2014年1月7日星期二UTC+8下午8時24分51秒寫道:
I got log from dbgview as below. Is my CPU not support VMX?
Thanks.
00000001 0.00000000 [vmm] Driver Routines [00000000]
00000002 0.00000316 [vmm] --------------- [00000000]
00000003 0.00000595 [vmm] Driver Entry [A82F7512]
00000004 0.00000846 [vmm] Driver Unload [A82F7444]
00000005 0.00001126 [vmm] StartVMX [A82F693C]
00000006 0.00001389 [vmm] VMMEntryPoint [A82F7AE8]
00000007 0.00044091 [vmm] VMXONRegion virtual address [F7B27000]
00000008 0.00047740 [vmm] VMXONRegion physical address [3D068000]
00000009 0.00089750 [vmm] VMCSRegion virtual address [F7B29000]
00000010 0.00093411 [vmm] VMCSRegion physical address [3D269000]
00000011 0.00094370 [vmm] VMMStack [8584B000]
00000012 0.00136736 [vmm] I/O bitmap A virtual address [F7B2B000]
00000013 0.00140404 [vmm] I/O bitmap A physical address [3D12A000]
00000014 0.00182361 [vmm] I/O bitmap A virtual address [F7B2D000]
00000015 0.00186011 [vmm] I/O bitmap A physical address [3D06B000]
00000016 0.00237752 [vmm] VMMIDT [F7B2F000]
00000017 0.00239522 [*] Starting PCI scan
00000018 0.00240027 [*] Found device! Vendor: 8086 device: 2970 header: 00
00000019 0.00244129 [*] Found device! Vendor: 8086 device: 2971 header: 01
00000020 0.00248150 [*] Found device! Vendor: 8086 device: 2972 header: 00
00000021 0.00251146 [D] Prefetchable PCI memory at c0000000
00000022 0.00251422 [*] Found PCI display region at physical address c0000000
00000023 0.25428405 [vmm] [HyperDbg] Initialized! [00000000]
00000024 0.25429147 [vmm] Guest Return EIP [A82F783B]
00000025 0.25429425 [vmm] Enabling VMX mode on CPU 0 [00000000]
00000026 0.25430173 [vmm] Running on Processor [00000000]
00000027 0.25430596 [vmm] GDT Base [8003F000]
00000028 0.25430894 [vmm] GDT Limit [000003FF]
00000029 0.25431180 [vmm] IDT Base [8003F400]
00000030 0.25431409 [vmm] IDT Limit [000007FF]
00000031 0.25431699 [vmm] VMX Support Not Present. [0000E39D]
00000032 0.25432000 [vmm] Running on Processor [00000000]
00000033 0.25432265 [vmm] ERROR : Launch aborted. [00000000]
00000034 0.25432563 [vmm] [HyperDbg] Unloading... [00000000]
Jeff Tsao於 2014年1月7日星期二UTC+8下午8時24分51秒寫道:
Aristide Fattori
Jan 8, 2014, 6:55:11 AM1/8/14
to hype...@googlegroups.com
Hi,
if you're on a physical cpum there may be 3 cases:
1) your CPU does not have VMX support (unlikely). Which model is it?
http://ark.intel.com/ usually contains every info on your CPU,
including VMX support
2) VMX support is disabled in the BIOS
3) there's a bug in the hyperdbg code that checks for VMX support.
Please let us know if it is 1) or 2) :)
if you're on a physical cpum there may be 3 cases:
1) your CPU does not have VMX support (unlikely). Which model is it?
http://ark.intel.com/ usually contains every info on your CPU,
including VMX support
2) VMX support is disabled in the BIOS
3) there's a bug in the hyperdbg code that checks for VMX support.
Please let us know if it is 1) or 2) :)
Jeff Tsao
Jan 8, 2014, 8:00:23 AM1/8/14
to hype...@googlegroups.com
Hi joystick,
This's the link of my CPU model. It seems I really need to buy a new desktop. I'd appreciate your help.
http://ark.intel.com/products/29753/Intel-Core2-Duo-Processor-E4400-2M-Cache-2_00-GHz-800-MHz-FSB
Intel® Virtualization Technology (VT-x) No
Jeff Tsao於 2014年1月7日星期二UTC+8下午8時24分51秒寫道:
This's the link of my CPU model. It seems I really need to buy a new desktop. I'd appreciate your help.
http://ark.intel.com/products/29753/Intel-Core2-Duo-Processor-E4400-2M-Cache-2_00-GHz-800-MHz-FSB
Intel® Virtualization Technology (VT-x) No
Jeff Tsao於 2014年1月7日星期二UTC+8下午8時24分51秒寫道:
Aristide Fattori
Jan 8, 2014, 8:05:27 AM1/8/14
to hype...@googlegroups.com
Mm too bad :-) I'd suggest you to buy an i7, but unfortunately there
are no mobo AFAIK that support i* CPUs and has PS/2 ports :(
On Wed, Jan 8, 2014 at 2:00 PM, Jeff Tsao <jeff.t...@gmail.com> wrote:
> Hi joystick,
>
> This's the link of my CPU model. It seems I really need to buy a new
> desktop. I'd appreciate your help.
>
> http://ark.intel.com/products/29753/Intel-Core2-Duo-Processor-E4400-2M-Cache-2_00-GHz-800-MHz-FSB
> Intel(R) Virtualization Technology (VT-x) No
are no mobo AFAIK that support i* CPUs and has PS/2 ports :(
On Wed, Jan 8, 2014 at 2:00 PM, Jeff Tsao <jeff.t...@gmail.com> wrote:
> Hi joystick,
>
> This's the link of my CPU model. It seems I really need to buy a new
> desktop. I'd appreciate your help.
>
> http://ark.intel.com/products/29753/Intel-Core2-Duo-Processor-E4400-2M-Cache-2_00-GHz-800-MHz-FSB
>
> Jeff Tsao於 2014年1月7日星期二UTC+8下午8時24分51秒寫道:
>>
>> Hello,
>>
>> I download the file hyperdbg_20100325_auto_1280x1024.zip and I got below
>> error message after I use hypergui to load hyperdbg.sys.
>> Unable to start driver service (error #31).
>> I also try used OSR Driver Loader to load hyperdbg.sys and got the same
>> error message.
>> Today I use svn to download the newest version (r132) and then compile it.
>> But I got a different error message (Unable to start driver service (error
>> #2).)
>> My system is pure Win XP SP3 32-bit with PS/2 keyboard and the Intel CPU
>> has VT-x.
>> I already suffer on this for two days. Does anyone know how to solve this
>> issue?
>> Thanks a lot.
>>
> Jeff Tsao於 2014年1月7日星期二UTC+8下午8時24分51秒寫道:
>>
>> Hello,
>>
>> I download the file hyperdbg_20100325_auto_1280x1024.zip and I got below
>> error message after I use hypergui to load hyperdbg.sys.
>> Unable to start driver service (error #31).
>> I also try used OSR Driver Loader to load hyperdbg.sys and got the same
>> error message.
>> Today I use svn to download the newest version (r132) and then compile it.
>> But I got a different error message (Unable to start driver service (error
>> #2).)
>> My system is pure Win XP SP3 32-bit with PS/2 keyboard and the Intel CPU
>> has VT-x.
>> I already suffer on this for two days. Does anyone know how to solve this
>> issue?
>> Thanks a lot.
>>
Reply all
Reply to author
Forward
0 new messages